diff options
| author | André Luis Leal Cardoso Junior <andrehjr@gmail.com> | 2019-03-17 00:43:43 -0300 |
|---|---|---|
| committer | André Luis Leal Cardoso Junior <andrehjr@gmail.com> | 2019-03-17 01:26:51 -0300 |
| commit | ca937c59cd69c05cbb92bad4839d931061e15b69 (patch) | |
| tree | ef94b64f9ba5502add4c20c297a4885c986ec472 /actionpack | |
| parent | fdac932707fb16b7d074b1d0bc7c255157d72675 (diff) | |
| download | rails-ca937c59cd69c05cbb92bad4839d931061e15b69.tar.gz rails-ca937c59cd69c05cbb92bad4839d931061e15b69.tar.bz2 rails-ca937c59cd69c05cbb92bad4839d931061e15b69.zip | |
Don't override @set_cookies on CookieJar#update_cookies_from_jar'
When building the cookie_jar for the current test request.
It was possible for this method to override keys currently being set on the test itself.
In situations such as when making two requests mixing creating the cookie on the test and the controller.
Diffstat (limited to 'actionpack')
| -rw-r--r-- | actionpack/lib/action_dispatch/middleware/cookies.rb | 2 | ||||
| -rw-r--r-- | actionpack/test/dispatch/cookies_test.rb | 13 |
2 files changed, 14 insertions, 1 deletions
diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb index 1611a8b3dd..b69bcab05c 100644 --- a/actionpack/lib/action_dispatch/middleware/cookies.rb +++ b/actionpack/lib/action_dispatch/middleware/cookies.rb @@ -338,7 +338,7 @@ module ActionDispatch def update_cookies_from_jar request_jar = @request.cookie_jar.instance_variable_get(:@cookies) - set_cookies = request_jar.reject { |k, _| @delete_cookies.key?(k) } + set_cookies = request_jar.reject { |k, _| @delete_cookies.key?(k) || @set_cookies.key?(k) } @cookies.update set_cookies if set_cookies end diff --git a/actionpack/test/dispatch/cookies_test.rb b/actionpack/test/dispatch/cookies_test.rb index 4aaac1320e..2c67bb779f 100644 --- a/actionpack/test/dispatch/cookies_test.rb +++ b/actionpack/test/dispatch/cookies_test.rb @@ -123,6 +123,11 @@ class CookiesTest < ActionController::TestCase head :ok end + def set_cookie_if_not_present + cookies["user_name"] = "alice" unless cookies["user_name"].present? + head :ok + end + def logout cookies.delete("user_name") head :ok @@ -1128,6 +1133,14 @@ class CookiesTest < ActionController::TestCase assert_equal "bar", @controller.encrypted_cookie end + def test_cookie_override + get :set_cookie_if_not_present + assert_equal "alice", cookies["user_name"] + cookies["user_name"] = "bob" + get :set_cookie_if_not_present + assert_equal "bob", cookies["user_name"] + end + def test_signed_cookie_with_expires_set_relatively request.env["action_dispatch.use_cookies_with_metadata"] = true |